mysql 密码恢复及设置
[[email protected] ~]# grep password /var/log/mysqld.log#mysql 启动后随机生成的初始密码
2017-12-20T02:36:18.623330Z 1 [Note] A temporary password is generated for [email protected]: 5h)>QAdqbI7t
#使用初始密码登录 并重置密码 初始密码不能对数据库进行操作 需要重置密码
[[email protected] ~]# mysql -hlocalhost -uroot -p'5h)>QAdqbI7t'
修改密码验证策略
mysql> set global validate_password_policy=0;
#策略 0 长度
1 (默认) 长度;数字,小写/大写,和特殊字符
2 长度;数字,小写/大写,和特殊字符;字典文件
修改密码长度6 默认值是8个字符
mysql> set global validate_password_length=6;
mysql> alter user [email protected]"localhost" identified by "123456";
mysql> show database;#测试
mysql> quit
Bye
[[email protected] ~]# mysql -hlocalhost -uroot -p'123456'
设置密码验证策略永久生效
[[email protected] ~]# vim /etc/my.cnf
...
[mysqld]
validate_password_policy=0
validate_password_length=6
...
[[email protected] ~]# systemctl restart mysqld
修改数据库管理员本机管理密码(操作系统管理员)
mysqladmin -hlocalhost -uroot -p旧密码 password '新密码'
[[email protected] ~]# mysqladmin -hlocalhost -uroot -p123456 password '123123'
当忘记密码时,密码恢复
[[email protected] ~]# vim /etc/my.cnf
[mysqld]
skip-grant-tables#启动时不验证用户密码
[[email protected] ~]# systemctl restart mysqld
[[email protected] ~]# mysql
mysql> update mysql.user set authentication_string=password("abc123") where user="root";
mysql> flush privileges; #刷新MySQL的系统权限相关表
[[email protected] ~]# vim /etc/my.cnf
关闭启动时不验证用户密码
[[email protected] ~]# systemctl restart mysqld
[[email protected] ~]# mysql -uroot -pabc123
数据管理
数据导入:把系统文件的内容存储到数据库的表里
/etc/passwdstudb.user
用户名 密码占位符 UID GID 描述信息 家目录 shell
create database studb;
create table studb.user(
name char(50),
password char(1),
UID int(2),
GID int(2),
comment varchar(100),
homedir char(100),
shell char(25)
)engine=innodb;
select * from studb.user;
load data infile '目录/文件名' into table '库.表名' fields terminated by "字段间隔符号" lines terminated by "行间隔符号"
查看默认使用目录及目录是否存在
mysql> show variables like "secure_file_priv";
+------------------------------+-------------------------------------------+
| Variable_name | Value |
+-------------------------------+-----------------------------------------+
| secure_file_priv | /var/lib/mysql-files/ |
+-------------------------------+------------------------------------------+
[[email protected] ~]# cp /etc/passwd /var/lib/mysql-files/
[[email protected] ~]# setenforce 0
mysql> load data infile '/var/lib/mysql-files/passwd' into table user fields terminated by ":" lines terminated by "\n";
Query OK, 44 rows affected (0.04 sec)
Records: 44 Deleted: 0 Skipped: 0 Warnings: 0
修改默认使用目录
[[email protected] ~]# mkdir /myfile
[[email protected] ~]# chown mysql /myfile/
[[email protected] ~]# vim /etc/my.cnf
[mysqld]
secure_file_priv="/myfile"
[[email protected] ~]# systemctl restart mysqld
mysql> show variables like "secure_file_priv";
+-------------------------------+-------------------+
| Variable_name | Value |
+-------------------------------+------------------+
| secure_file_priv | /myfile/ |
+--------------------------------+-----------------+
1 row in set (0.00 sec)
数据导出:把表记录存储到系统
sql 查询 into outfile "目录/文件名";
sql 查询 into outfile "目录/文件名" fields terminated by "字段间隔符号" lines terminated by "行间隔符号";
mysql> select name,UID from user limit 5 into outfile "/myfile/user1.txt";
[[email protected] ~]# ls /myfile/
user1.txt
[[email protected] ~]# cat /myfile/user1.txt #默认字段间隔符号为<tab> 默认行间隔符号"\n"
root0
bin1
daemon2
adm3
lp4
mysql> select name,UID from user limit 5 into outfile "/myfile/user2.txt" fields terminated by "#" lines terminated by ":";
[[email protected] ~]# ls /myfile/
user1.txt user2.txt
[[email protected] ~]# cat /myfile/user2.txt
root#0:bin#1:daemon#2:adm#3:lp#4:
用户授权 grant
就是在数据库服务器添加新的连接用户
grant 权限列表 on 库名 to 用户@"客户端地址" identified by '密码' [ with grant option ];
mysql> grant all on *.* to [email protected] identified by '123456' with grant option;
权限的表示方式: all(所以权限), usage(没有权限), select,update(name,age),delete
库名的表示方式: 库名.表名 库名.* *.*
用户名 自定义
客户端地址表示方式: 192.168.4.117(一台机器) 192.168.2.%(一个网段)
identified by '密码' #登录密码
with grant option #可以有授权权限 可选项
客户端测试授权
which mysql
mysql -h数据库服务器ip -u用户名 -p密码
[[email protected] ~]# mysql -h192.168.4.1 -uroot -p123456
select @@hostname;
mysql> select @@hostname;
+---------------------+
| @@hostname |
+---------------------+
| mysql4-1 |
+---------------------+
1 row in set (0.00 sec)
select user();
mysql> select user();
+--------------------------------+
| user() |
+--------------------------------+
| [email protected] |
+--------------------------------+
1 row in set (0.00 sec)
show grants;
mysql> show grants;
+-------------------------------------------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+-------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'192.168.4.2' WITH GRANT OPTION |
+-------------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
允许从网站服务器上使bbsuser用户连接 密码时123456 只对bbsdb小的所以表有完全权限
mysql> grant all on bbsdb.* to [email protected] identified by '123456';
MySQL [(none)]> show grants;
+---------------------------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'bbsuser'@'192.168.4.3' |
| GRANT ALL PRIVILEGES ON `bbsdb`.* TO 'bbsuser'@'192.168.4.3' |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
MySQL [(none)]> create database bbsdb;
Query OK, 1 row affected (0.00 sec)
运行admin用户在数据库服务器本机登录 密码123456 只有查询记录权限
mysql> grant select on *.* to [email protected] identified by '123456';
授权信息存储子授权库mysql下的表里
mysql> use mysql;
mysql> show tables;
user 已有的授权用户信息
db授权用户对库的访问权限
tables_priv授权用户对表的访问权限
columns_priv 授权用户对表中字段的访问权限
查看服务器上有哪些授权用户
mysql> select user,host from mysql.user;
+-------------------+-----------------------+
| user | host |
+-------------------+-----------------------+
| root | 192.168.4.2 |
| bbsuser | 192.168.4.3 |
| admin | localhost |
| mysql.sys | localhost |
| root | localhost |
+-------------------+-----------------------+
5 rows in set (0.00 sec)
mysql> show grants for [email protected];
+---------------------------------------------------------------------------------------------------------------+
| Grants for [email protected] |
+---------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'bbsuser'@'192.168.4.3' |
| GRANT ALL PRIVILEGES ON `bbsdb`.* TO 'bbsuser'@'192.168.4.3' |
+---------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
查看以有的授权用户对服务器上库的权限
mysql> select user,host,db from mysql.db;
+-------------------+-----------------------+------------+
| user | host | db |
+-------------------+-----------------------+------------+
| bbsuser | 192.168.4.3 | bbsdb |
| mysql.sys | localhost | sys |
+-------------------+-----------------------+------------+
2 rows in set (0.01 sec)
查看以有的授权用户对服务器上库中的表的权限
mysql> select host,user,db,table_name from mysql.tables_priv;
+-------------------+-------------------+----------+---------------------+
| host | user | db | table_name |
+-------------------+-------------------+----------+--------------------+
| localhost | mysql.sys | sys | sys_config |
+-------------------+--------------------+----------+-------------------+
授权用户登录服务器后,修改登录密码
set password=password("123456");
管理员重置授权用户登录密码
set password for 用户名@客户端地址
mysql> set password for [email protected]=password('abc123');
权限撤销 revokel
revokel 权限列表 on 库名 for 用户名@'客户端地址';
删除授权用户
drop user 用户名@"客户端地址"
查看授权用户权限
show grants for 用户名@"客户端地址"
mysql> show grants for [email protected];
撤销root用户在192.168.4.2主机登录的授权权限
mysql> revoke grant option on *.* from [email protected]
撤销root用户在192.168.4.2主机登录的删除记录和修改记录的权限
mysql> revoke update,delete on *.* from roo
撤销root用户剩于所以的权限
mysql> revoke all on *.* from [email protected];
也可以通过修改表记录的方式撤销用户的权限
mysql> select * from mysql.db where db='bbsdb' and user='bbsuser' and host='192.168.4.3'\G;
修改在对应表中的记录信息
mysql> update mysql.db set delete_priv="N",Drop_priv="N" where db='bbsdb' and user='bbsuser' and host='192.168.4.3';
mysql> flush privileges;
原文地址:http://blog.51cto.com/13558754/2057476